On 11/09/2015 11:13 PM, jan iversen wrote:
> I would like that we have a generic account in coverity (read-only), so that
> e.g. I
> can show new people the issues there.
I don't even think the Coverity issues are a good set of tasks for
newcomers.
We mostly have close to zero open issues there anyway. If a new bunch
of issues comes in, that typically is because of a single change causing
multiple issues, and it is typically not immediately obvious how best to
solve those issues.
One example is when we recently started to get Coverity/FindBugs issues
in Java code. Many of the FindBugs findings need to be taken with a
grain of salt, and fixing them naively means being overly optimistic.
(For example, a private field of a class not being used in that class
does not necessarily mean it should be removed, as it could be used via
reflection.)
Another example is when the implementation of
osl_getSystemPathFromFileURL recently happened to start to throw
std::length_error, and that caused ripple effects of uncaught exceptions
all through the code. A std::length_error is a logic error, where the
"distinguishing characteristic of logic errors is that they are due to
errors in the internal logic of the program. In theory, they are
preventable." ([std.exceptions]) That is, the throwing of such an
exception is more akin to an assert firing than to throwing an exception
that is intended to be caught and handled programmatically. That means
that it is probably often better to let such an exception lead to
std::unexpected -> std::abort and a core dump and backtrace that a
developer can act upon, than to catch and somehow handle it, and thereby
obscure the root cause of a problem.